IT EN
Your Reservation
Best rate guarantee
_close

Privacy Policy

Privacy Policy - photo 1
Privacy Policy

Privacy policy of www.sanbarbatoresort.com

 

For sanbarbatoresort.com (after called Site) the privacy of its users is of primary importance.

 

This Privacy Statement defines what data are collected and how they are used, disclosed, transferred and / or stored by the Site.

This site collects some personal data of its users.

The processing of personal data, such as a user's name, address, e-mail address or telephone number must always be in line with the General Data Protection Regulation (GDPR). Through this privacy policy, our company wishes to inform the general public about the nature, scope and purpose of the personal data we collect, use and process. Furthermore, the interested parties are informed, through this privacy policy, of the rights to which they are entitled.

As the data controller, HSB San Barbato Resort srl has implemented numerous technical and organizational measures to ensure the most complete protection of personal data processed through this site. However, Internet-based data transmissions may, in principle, present security gaps, therefore absolute protection may not be guaranteed. For this reason, each interested person is free to transfer his personal data through alternative means, e.g. by phone.

 

1. Definitions

The privacy policy of sanbarbatoresort.com is based on the terms used by the European legislator for the adoption of the general regulation on data protection (GDPR). Our privacy policy should be readable and comprehensible to the general public as well as to our customers and business partners. To guarantee this, we would first like to explain the terminology used.

In this privacy policy, we use, inter alia, the following terms:

 

a) Personal data

Personal data: any information relating to an identified or identifiable natural person ("user"). An identifiable natural person is one who can be identified, directly or indirectly, in particular by referring to an identifier such as a name, an identification number, location data, an online identifier or one or more specific factors for physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

 

b) Object of the data

The user is an identified or identifiable natural person whose personal data is processed by the processing manager for processing.

 

c) Processing

Processing is any operation or set of operations performed on personal data or on personal data sets, even with automated tools, such as collection, registration, organization, structuring, preservation, adaptation or alteration, recovery, consultation, use, disclosure by transmission , dissemination or otherwise made available, alignment or combination, restriction, cancellation or destruction.

 

d) Limitation of treatment

Treatment limitation is the marking of personal data stored with the aim of limiting processing in the future.

 

e) Monitoring of behaviour

Behaviour monitoring: any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning the performance of the physical person at work, the economic situation, health, personal preferences, interests, reliability, behaviour, position or movements.

 

f) Pseudonymisation

Pseudonymisation is the processing of personal data in such a way that personal data can no longer be attributed to a specific user without the use of additional information, provided that such additional information is stored separately and is subject to technical and organizational measures for ensure that personal data are not attributed to an identified or identifiable natural person.

 

g) Supervisory authority or control authority responsible for processing personal data

The controller of personal data is the natural or legal person, public authority, agency or other body that, alone or in collaboration with others, determines the purposes and means of processing personal data; if the purposes and means of such processing are determined by the law of the Union or of the Member State, the controller or the specific criteria for his appointment may be provided for by Union or Member State legislation.

 

h) Processor

Processor is a physical or legal individual, public authority, agency or other body that processes personal data on behalf of the controller.

 

i) Recipient

The recipient is a natural or legal person, a public authority, an agency or another body, to whom personal data are communicated, whether it is a third party or not. However, public authorities that may receive personal data in the context of a particular investigation in accordance with Union or Member State law are not considered to be the addressees; the processing of such data by these public authorities must comply with the data protection rules applicable according to the purposes of the processing.

 

j) Third part

The third party is a natural or legal person, public authority, agency or body other than the user, controller, processor and persons who, under the direct authority of the controller or processor, are authorized to process personal data.

 

k) Consent

The user's consent is a free, specific, informed and unequivocal indication of the wishes of the interested person with whom he or she, by means of a declaration or a clear affirmative action, signifies consent to the processing of personal data concerning them.

 

 

2. Name and address of the owner of the processing of personal data
Owner of the processing of personal data for the purposes of the General Data Protection Regulation (GDPR), other data protection laws applicable in the Member States of the European Union and other provisions related to data protection is:

 

HSB San Barbato Resort srl
Via Boccaccio, 26-4
20142 Milan - Italy
Phone: 0287165245
Email: info@sanbarbatoresort.com
Website: www. sanbarbatoresort.com

 

3. Cookies

The Internet pages of HSB San Barbato Resort srl use cookies. Cookies are text files that are stored in a computer system via an Internet browser.
Many websites and Internet servers use cookies. Many cookies contain a so-called cookie ID. A cookie ID is a unique identifier of the cookie. It consists of a string of characters through which it is possible to assign Internet pages and servers to the specific Internet browser in which the cookie was stored. This allows Internet sites and visited servers to differentiate the individual browser of test subjects from other Internet browsers that contain other cookies. A specific Internet browser can be recognized and identified using the unique cookie ID.
Through the use of cookies, HSB San Barbato Resort srl can provide users of this website with more user-friendly services that would not be possible without setting cookies.
By means of a cookie, the information and offers on our website can be optimized taking into account the user. Cookies allow us, as mentioned above, to recognize users of our site. The purpose of this recognition is to make it easier for users to use our website. For example, the user of the website that uses cookies, for example, does not have to enter the access data every time he accesses the website, since the cookie stored on the user's computer system recognizes the data and therefore facilitates access . Another example is a shopping cart cookie in an online store. The online store stores the items that a customer has placed in the virtual shopping cart through a cookie.
The user can, at any time, prevent the setting of cookies through our website through the corresponding setting of the Internet browser used, and can therefore permanently deny the setting of cookies. In addition, cookies already set can be deleted at any time via an Internet browser or other software programs. This is possible in all the most popular Internet browsers. If the person concerned deactivates the setting of cookies in the Internet browser used, not all the functions of our website can be entirely used.

 

4. Collection of general data and information

The website sanbarbatoresort.com of HSB San Barbato Resort srl collects a series of general data and information when a user accesses it. This data and general information is stored in the server log files. The types of browsers and the versions used can be collected (1), (2) the operating system used by the access system, (3) the website from which a system redirects the user to our website (so-called referrers) ), (4) the date and time of access to the Internet site, (5) an Internet protocol address (IP address), (6) the Internet service provider of the access system and (7) any other similar data and information that can be used in case of attacks on our computer systems.
When these data and general information are used, the HSB San Barbato Resort srl does not draw conclusions about the user. Rather, this information is necessary for (1) correctly providing the content of our website, (2) optimizing the content of our website and its advertising, (3) ensuring the long-term viability of our information systems and technology of the website and (4) provide the law enforcement authorities with the information necessary for prosecution in the event of an cyber attack

Therefore, the HSB San Barbato Resort srl statistically analyses data and information collected anonymously, in order to increase data protection and data security of our company and to ensure an optimal level of protection for personal data processed. Anonymous data from server log files is stored separately from all personal data provided by a user.

 

5. Types of Data collected

Among the Personal Information collected by this Website, either independently or through third parties, there are: name, company name, email address, various types of data, usage data and cookies. Full details on each type of data collected are provided in the dedicated sections of this privacy policy or through specific information texts displayed before the data are collected.

Personal Data may be freely provided by the User or, in the case of Usage Data, collected automatically during the use of this Website.
Unless otherwise specified, all the Data requested by this Website are mandatory. If the User refuses to communicate them, it may be impossible for this Website to provide the Service. In cases where this Website indicates some Data as optional, Users are free to refrain from communicating such Data, without this having any consequence on the availability of the Service or on its operation.
Users who have doubts about which data are mandatory, are encouraged to contact the owner.
Any use of Cookies - or other tracking tools - by this Website or by third party service providers used by this Website, unless otherwise specified, is intended to provide the Service requested by the User, in addition the additional purposes described in this document and in the Cookie Policy, if available.
The User assumes responsibility for the Personal Data of third parties obtained, published or shared through this Website and warrants that he has the right to communicate or disseminate them, freeing the Owner from any liability to third parties.

6. Place

The Data are processed at the operational headquarters of the Data Controller and in any other place where the parties involved in the processing are located. For more information, contact the owner.
The User's Personal Data may be transferred to a country other than that in which the User is located. To obtain further information on the processing site, the User can refer to the section concerning the processing of Personal Data.
You have the right to obtain information regarding the legal basis for the transfer of Data outside the European Union or to an international organization of public international law or consisting of two or more countries, such as the UN, as well as regarding the security measures taken by the Data Controller to protect the Data.
If one of the transfers described above takes place, the User can refer to the respective sections of this document or request information from the Data Controller by contacting him at the opening dates.

 

6.1. Personal Data is collected for the following purposes and using the following services:

 

• Contact the user
Contact form (this website) 

By filling out the contact form with their Data, the User consents to their use to respond to requests for information, quotes, or any other kind indicated by the form header.

Personal Data collected: email, name, company name and various types of Data.

• Hosting and backend infrastructure

This type of service has the function of hosting data and files that allow this website to operate, allow distribution and provide a ready-to-use infrastructure to provide specific features of this website.
Some of these services work through geographically dispersed servers in different locations, making it difficult to determine the exact location where Personal Data is stored.

Aruba S.p.A. in the person of his legal representative, with office in Ponte San Pietro (BG), Via San Clemente n. 53, operates as Data Controller and can be contacted at privacy@staff.aruba.

Personal Data collected: Usage data and various types of Data as specified in the privacy policy of the service.

Place of processing: Ponte San Pietro 24036 BG - Privacy Policy.

• Interaction with social networks and external platforms

These services allow this site to collect data from your accounts on third-party services and perform actions with them. These services are not activated automatically, but require the express permission of the User.
Access to the LinkedIn account (LinkedIn Corporation)

The LinkedIn button and social widgets are services of interaction with the social network LinkedIn, provided by LinkedIn Corporation.
Personal Data collected: Various types of Data as specified in the privacy policy of the service.
Place of processing: United States - Privacy Policy. Person adhering to the Privacy Shield.

Access to Facebook account (Facebook, Inc.)

This service allows this Site to connect with the User's account on the social network Facebook, provided by Facebook, Inc.
Personal Data collected: Various types of Data as specified in the privacy policy of the service.
Place of processing: United States - Privacy Policy. Person adhering to the Privacy Shield.

Access to Twitter account (Twitter, Inc.)
This service allows this Site to connect with the User's account on the social network Facebook, provided by Facebook, Inc

Personal Data collected: Various types of Data as specified in the privacy policy of the service. Treatment: United States - Privacy Policy. Person adhering to the Privacy Shield.

Access to the Google + account (Google, Inc.)
This service allows this site to connect with the user's account on the social network Google+, provided by Google Inc.
Personal data collected: Various types of data as specified in the privacy policy of the service. Treatment: USA - Privacy Policy

 

6. Registration on our website

 

• Protection from SPAM
These services analyze the traffic of this Application, potentially containing Personal Data of Users, in order to filter it from parts of traffic, messages and contents recognized as SPAM.

Akismet (Automattic Inc.)
Akismet is a SPAM protection service provided by Automattic Inc.
Personal data collected: various types of data as specified in the privacy policy of the service.
Place of processing: USA - Privacy Policy

 

• Statistics
The services contained in this section allow the Data Controller to monitor and analyse traffic data and are used to keep track of User behaviour.

Google Analytics (Google Inc.)
Google Analytics is a web analytics service provided by Google Inc. ("Google"). Google uses Personal Information collected for the purpose of tracking and examining the use of this Application, compiling reports and sharing them with other services developed by Google. Google may use the Personal Data to contextualise and personalize the advertisements of its advertising network.
Personal data collected: cookies and usage data.
Place of processing: USA -  Privacy Policy

Google Tag Manager (Google Inc.)
Google Analytics is a web analytics service provided by Google Inc. ("Google"). Google uses Personal Information collected for the purpose of tracking and examining the use of this Application, compiling reports and sharing them with other services developed by Google. Google may use the Personal Data to contextualise and personalize the advertisements of its advertising network.
Personal data collected: cookies and usage data.
Place of processing: USA -  Privacy Policy

• Displaying content from external platforms

 

These services allow you to view content hosted on external platforms directly from the pages of this Application and interact with them. If a service of this type is installed, it is possible that, even if the Users do not use the service, the same collect traffic data relating to the pages in which it is installed.

Google Fonts (Google Inc.)
Google Fonts is a service of visualization of font styles managed by Google Inc. that allows this application to integrate such contents within its pages.
Personal data collected: cookies and usage data.
Place of processing: USA - Privacy Policy

Google Maps widget (Google Inc.)
Google Maps is a map visualization service managed by Google Inc. that allows this application to integrate such contents within its pages.
Personal data collected: cookies and usage data.
Place of processing: USA - Privacy Policy


7. Registration on the website

 

The user has the opportunity to register on the website of the controller with the indication of personal data. What personal data is transmitted to the controller is determined by the relevant form used for registration. The personal data entered by the user are collected and stored exclusively for internal use by the controller and for their own purposes. The controller may request the transfer to one or more processors (for example a logistic and / or shipping service) that also uses personal data for an internal purpose attributable to the controller.
By registering on the website of the data controller, the IP address assigned by the Internet service provider (ISP) is also stored and used by the data object - date and time of registration. The storage of these data takes place in the background, which is the only way to prevent the misuse of our services and, if necessary, to make it possible to investigate committed crimes. Therefore, the conservation of this data is necessary to protect the user. This data will not be passed on to third parties unless there is a legal obligation to transmit data, or if the transfer is used for criminal prosecution.
The registration of the user, with the voluntary insertion of personal data, allows the data controller to offer data subjects or services that can only be offered to registered users. Registered persons are free to modify the personal data specified during registration at any time or to have them completely deleted from the data base of the data controller.
The data controller at any time provides information on request to each user about which personal data are stored. Furthermore, the controller of the data will correct or delete personal data on request or indication of the user, to the extent that there are no custody obligations required by law. All the employees of the data controller are available to the interested parties in this area as contact persons.

 

8. Possibility of contact via the website


The website sanbarbatoresort.com of HSB San Barbato Resort srl contains information that allows a quick electronic contact with our company, as well as a direct communication with us, which also includes a general address of the so-called electronic mail (e-mail address). If a data subject contacts the data controller by e-mail or via a contact form, the personal data transmitted by the user are automatically stored. Such personal data transmitted on a voluntary basis by a user to the controller is stored for processing or contacting the user. There is no transfer of this personal data to third parties.

 

9. Comment function in the blog on the site


The HSB San Barbato Resort srl offers users the possibility to leave individual comments on the individual contributions of the blog that is on the website of the data controller.
If a user leaves a comment on the blog published on this site, the comments made by the user are also stored and published, as well as information on the date of the comment and on the user (pseudonym) chosen by the user. In addition, the IP address assigned by the Internet service provider (FSI) to the user is also recorded. This storage of the IP address takes place for security reasons and in the event that the user infringes the rights of third parties or publishes illegal content through a specific comment. The storage of this personal data is therefore in the interest of the data controller, so that it can be cleared in case of violation. This personal data collected will not be passed on to third parties, unless such transfer is required by law or serves the purpose of the defence of the controller. On the blog it is also possible to share the contents on the profiles of the user's social networks using buttons at the end of the article.

 

10. Routine cancellation and blocking of personal data


The controller processes and stores the personal data of the user only for the period necessary to achieve the filing purpose, or to the extent that this is granted by the European legislator or other legislators in laws or regulations to which the manager is subject of treatment.
If the archival purpose is not applicable or if a retention period prescribed by the European legislator or another competent legislator expires, personal data is regularly blocked or deleted in accordance with legal requirements.

 

11. User rights

 

a) Confirmation right
Each user has the right conferred by the European legislator to obtain from the controller the confirmation of the existence or not of personal data concerning him. If a user wishes to make use of this confirmation right, he can, at any time, contact any employee of the controller.

 

b) Right of access
Each user has the right conferred by the European legislator to obtain from the data controller free information on their personal data stored at any time and a copy of such information. In addition, European directives and regulations grant the user access to the following information:

 

- the purposes of the processing;
- the categories of personal data concerned;
- the recipients or categories of recipients to whom personal data have been or will be communicated, in particular recipients in third countries or international organizations;
- where possible, the period for which personal data will be stored or, if not possible, the criteria used to determine this period;
- the existence of the right to request the controller to rectify or delete personal data, or limit the processing of personal data relating to the user, or to object to such processing;
- the existence of the right to lodge a complaint with the supervisory authority;
- if the personal data are not collected by the user, any information available on their origin;
- the existence of automated decision-making processes, including profiling, referred to in Article 22 (1) and (4) of the GDPR and, at least in such cases, significant information on the logic in question, as well as on the significance and expected consequences of such processing for the user.

 

Furthermore, the user has the right to obtain information on the transfer of personal data to a third country or an international organization. In this case, the data subject has the right to be informed of the appropriate guarantees relating to the transfer.
If a user wishes to make use of this right of access, he can, at any time, contact any employee of the controller.

 

c) Right of rectification
Each user has the right conferred by the European legislator to obtain from the controller without undue delay the correction of inaccurate personal data concerning him. Taking into account the purposes of the processing, the user has the right to complete incomplete personal data, also by submitting an additional declaration.
If a user wishes to exercise this right of rectification, he can, at any time, contact any employee of the controller.

 

d) Right to cancellation (right to be forgotten)
Each user has the right conferred by the European legislator to obtain from the data controller the deletion of personal data concerning him without undue delay and the controller is obliged to delete personal data without undue delay if one of the following reasons is applied , provided the treatment is not necessary:

- Personal data is no longer necessary for the purposes for which it was collected or otherwise processed.
- You withdraw the consent to which the processing is based in accordance with Article 6 (1) (a) of the GDPR, or Article 9 (2) (a) of the GDPR, and where there is no is another legal basis for processing.
- You oppose the processing pursuant to Article 21 (1) of the GDPR and there is no legitimate legitimate reason for processing or you oppose the processing pursuant to Article 21 (2) of the GDPR .
- Personal data have been processed unlawfully.
- Personal data must be deleted for compliance with a legal obligation in the law of the Union or of the Member State to which the controller is subject.
- The personal data have been collected in connection with the offer of information society services referred to in Article 8 (1) of the GDPR.

 

If one of the aforementioned reasons is applied and the user wishes to request the deletion of personal data stored by sanbarbatoresort.com, he / she may, at any time, contact any employee of the controller. An employee of HSB San Barbato Resort srl must promptly ensure that the cancellation request is respected immediately.
Where the controller has made personal data public and is required, pursuant to Article 17 (1), to delete the personal data, the controller, taking into account the technology available and implementation costs, take reasonable steps, including technical measures, to inform other data controllers that you have requested the cancellation by such controllers of any connection, copying or replication of such personal data, for how much processing is not required. An employee of HSB San Barbato Resort srl will organize the necessary measures in individual cases.

 

e) Right to restriction of treatment
Every user has the right, granted by the European legislator, to obtain from the data controller the limitation of the treatment if one of the following conditions applies:

- The accuracy of personal data is contested by the user, for a period that allows the controller to verify the accuracy of personal data.
- The processing is illegal and the user opposes the deletion of personal data and instead requests the limitation of their use.
- The controller no longer needs personal data for processing purposes, but is required by the user for the establishment, operation or defense of legal claims.
- The user has contested the treatment in accordance with article 21, paragraph 1, of the GDPR pending verification that the legitimate reasons of the manager prevail over those of the user.

 

If one of the above conditions is met and the user wishes to request the limitation of the processing of personal data stored by HSB San Barbato Resort srl, he may at any time contact any employee of the controller. The employee of HSB San Barbato Resort srl will organize the processing restriction.

 

f) Right to data portability
Each user has the right, recognized by the European legislator, to receive personal data concerning him, provided to a controller, in a structured format, commonly used and readable by a machine. He has the right to forward this data to another data controller without impediment to the controller of personal data, provided that the processing is based on the consent referred to in Article 6 (1) (a) , the GDPR or point (a) of Article 9 (2) of the GDPR, or a contract within the meaning of Article 6 (1) (b) of the GDPR, and the processing is carried out by automated means, provided that processing is not necessary for the performance of a task performed in the public interest or in the exercise of public authority conferred on the controller.
Furthermore, in exercising its right to data portability pursuant to Article 20 (1) of the GDPR, the data subject shall have the right to transmit personal data directly from one controller to another, where technically feasible and in doing so. do not negatively affect the rights and freedoms of others.
To assert the right to data portability, the user can at any time contact any employee of the HSB San Barbato Resort srl.

 

g) Opposition law
Every user has the right, recognized by the European legislator to oppose, for reasons relating to his particular situation, at any time, to the processing of personal data concerning him, which is based on point (e) or (f)) of the article 6 (1) of the GDPR. This also applies to profiling based on these provisions.
The HSB San Barbato Resort srl will no longer process the personal data in case of objection, unless it can demonstrate legitimate compelling reasons for the processing that prevail over the interests, rights and freedoms of the user, or for the institution, the exercise or defence of legal claims.
If HSB San Barbato Resort srl processes personal data for direct marketing purposes, the user has the right to object at any time to the processing of personal data concerning him for such marketing. This applies to profiling in so far as it is related to such direct marketing. If the user makes opposition to HSB

San Barbato Resort srl for processing for direct marketing purposes, HSB San Barbato Resort srl will no longer process personal data for such purposes. Furthermore, the person concerned has the right, for reasons relating to his particular situation, to oppose the processing of personal data concerning him by HSB San Barbato Resort srl for scientific or historical research purposes or for statistical purposes pursuant to Article 89 (1) of the GDPR, unless the processing is necessary for the performance of an activity carried out for reasons of public interest. To exercise the right to object, the user can contact any employee of HSB San Barbato Resort srl. Furthermore, the user is free in the context of the use of information society services and, by way of derogation from Directive 2002/58 / EC, to avail himself of his right to oppose using automated tools using technical specifications.

 

h) Automated individual decision making, including profiling
Each person concerned has the right, granted by the European legislator, not to be subjected to a decision based exclusively on automated processing, including profiling, which produces legal effects on him or her, or affects it significantly, provided that decision (1) is not necessary to conclude or execute a contract between the user and a data controller, or (2) is not authorized by Union law or the Member State to which the controller is subject processing and which also establishes appropriate measures to safeguard the rights and freedoms of the user and legitimate interests, or (3) is not based on the explicit consent of the data subject.
If the decision (1) is necessary to stipulate, or execute a contract between the user and a data controller, or (2) is based on the user's explicit consent, the HSB San Barbato Resort srl implements appropriate measures to safeguard the rights and freedoms of the user and the legitimate interests of the user, at least the right to obtain human intervention from the controller, to express their point of view and to challenge the decision.
If the user wishes to exercise the rights related to the individual automated decision-making process, he can, at any time, contact any employee of the HSB San Barbato Resort srl.

 

i) Right to withdraw consent to the privacy policy
Each user has the right, granted by the European legislator, to withdraw their consent to the processing of their personal data at any time.
If the user wishes to exercise the right to withdraw the consent, he can, at any time, contact any employee of the HSB San Barbato Resort srl.

 

 

12. Data protection for applications and application procedures
The data controller collects and processes the personal data of the applicants for the purpose of processing the application procedure. The treatment can also be done electronically. This is the case, in particular, if a user sends a request by e-mail or via a web form on the website. If the data controller concludes a work contract with a user, the data sent will be archived for the purpose of processing the employment relationship in accordance with legal requirements. If the controller does not conclude a work contract with the user, the documents sent are automatically deleted two months after notification of the refusal decision, provided that no other legitimate interest of the controller is against the cancellation.

 

13. Legal basis for processing
Art. 6 (1) paragraph 1. A GDPR acts as a legal basis for processing operations for which we obtain consent for a specific processing purpose. If the processing of personal data is necessary for the execution of a contract to which the user is a party, such as when processing operations are necessary for the supply of goods or to provide any other service, the processing is based on Article 6 (1) lit. b GDPR. The same applies to the processing operations necessary for the execution of pre-contractual measures, for example in the case of requests relating to our products or services. Our company is subject to the legal obligation that provides for the processing of personal data, for example for the fulfilment of tax obligations, the treatment is based on art. 6 (1) paragraph c of the GDPR. In rare cases, the processing of personal data may be necessary to protect the vital interests of the user or another physical person. This would be the case, for example, if a visitor was injured in our society and his name, age, health insurance data or other vital information should be passed on to a doctor, hospital or other third party. So the elaboration is based on the art. 6 (1) comma d GDPR. Finally, processing operations could be based on Article 6 (1) lit. f GDPR. This legal basis is used for processing operations that are not covered by any of the aforementioned legal grounds, if the processing is necessary for the legitimate interests pursued by our company or a third party, except where such interests are exceeded by interest or fundamental rights and freedoms of the user who request the protection of personal data. Such processing operations are particularly admissible as they have been expressly mentioned by the European legislator. He considered that a legitimate interest could be assumed if the user is a customer of the controller (recital 47, sentence 2, GDPR).

 

14. The legitimate interests pursued by the controller or by a third party
Where the processing of personal data is based on Article 6 (1) lit. For GDPR our legitimate interest is to carry out our business in favour of the well-being of all our employees and shareholders.

 

15. Period of retention of personal data
The Data are processed and stored for the time required by the purposes for which they were collected.

Therefore:

• Personal Data collected for purposes related to the execution of a contract between the Owner and the User will be retained until the execution of the contract is completed.
• Personal Data collected for purposes related to the legitimate interest of the Data Controller will be retained until such interest is met. The User can obtain further information regarding the legitimate interest pursued by the Data Controller in the relevant sections of this document or by contacting the Data Controller.
When the processing is based on the consent of the User, the Data Controller may retain the Personal Data for a longer time until such consent is revoked. Furthermore, the Data Controller may be obliged to keep Personal Data for a longer period in compliance with a legal obligation or by an order of an authority.

At the end of the retention period the Personal Data will be deleted. Therefore, at the end of this term the right of access, cancellation, rectification and the right to data portability can no longer be exercised.

 

16. Provision of personal data as a legal or contractual requirement; Requisite necessary to stipulate a contract; Obligation of the user to provide personal data; possible consequences of not providing such data

We clarify that the provision of personal data is in part required by law (eg tax regulations) or may also derive from contractual provisions (for example information on the contractual partner). Sometimes it may be necessary to stipulate a contract that the user provides personal data, which must then be processed by us. The user is, for example, obliged to provide us with personal data when our company signs a contract with him or her. The failure to provide personal data would have the consequence that the contract with the user could not be concluded. Before the personal data is provided by the user, the user must contact any employee. The employee clarifies to the user whether the provision of personal data is required by law or by contract or is necessary for the conclusion of the contract, if there is an obligation to provide personal data and the consequences of non-provision of data personnel.

 

17. Existence of automated decision-making processes
As a responsible company, we do not use decision making or automatic profiling.

 

More information on treatment

 

• Defense in court


The User's Personal Data may be used by the Owner in court or in the preparatory stages of its possible establishment for the defense against abuse of the use of this website or the related Services by the User.
The User declares to be aware that the Data Controller may be obliged to disclose the Data by order of the public authorities.

 

• Specific information


At the request of the User, in addition to the information contained in this privacy policy, this website may provide the User with additional and contextual information regarding specific Services, or the collection and processing of Personal Data.

 

• System log and maintenance


For needs related to operation and maintenance, this website and any third party services used by it may collect system logs, which are files that record the interactions and which may also contain Personal Data, such as the User IP address.

 

• Information not contained in this policy

Further information in relation to the processing of Personal Data may be requested at any time to the Data Controller using the contact details.

 

• Response to "Do Not Track" requests

This website does not support "Do Not Track" requests.
To find out if any third-party services used support them, the User is invited to consult their respective privacy policies.

 

• Changes to this privacy policy

 

The Data Controller reserves the right to make changes to this privacy policy at any time by informing Users on this page and, if possible, on this website as well as, if technically and legally feasible, by sending a notification to Users through one of the contact details held by the Holder. Please therefore consult this page regularly, referring to the last modification date indicated at the bottom.

If the modifications concern treatments whose legal basis is consent, the Controller will collect the User's consent again, if necessary.

dismiss

We use cookies to improve your browsing, perform statistical analysis, show you ads based on your preferences and encourage interaction with social networks. If you want to know more click here. By continuing to browse, you consent to the use of cookies instead.
More info